Future hardware designs for embedded systems will exhibit more parallelism and energy efficiency at the price of being less reliable. This bears new challenges for system software, especially the operating system (OS), which has to use and provide software measures to compensate for unreliable hardware. The DanceOS project addresses these challenges for OS design by a novel combination of resource-efficient software-based fault-tolerance techniques, which can flexibly be applied to the OS and the application by means of aspect-oriented programming, driven by a tool-based (semi-)automatic analysis of the application and OS code, resulting in a strictly problem-oriented tailoring of the latter with respect to hardware-fault tolerance.The main goals for the third funding period are (1) to broaden the scope of our research towards the layers above and below the OS in the hardware/software stack and (2) to refine and optimize our methods and tools to gain a better understanding of their fundamental limits.On top of the OS layer, a special focus will be on hardening multi-threaded services in distributed environments. Below the OS, we regard architectures with nonvolatile memories as a hot topic that must be addressed. These systems provide opportunities for novel software-based fault-tolerance measures and very fast (potentially fine-grained) error-recovery mechanisms. On the other hand, nonvolatile memories bear the risk of turning soft errors into permanent failure if not handled correctly.In addition to optimizing the resource efficiency of our aspect-oriented fault-tolerance measures by incorporating whole-program analysis, we plan to explorean alternative development approach based on code generation. The result will be a highly-dependable (AN-encoded) OSEK-like RTOS, which will -- by comparison to previous works -- lead to insights about fundamental limits of using general-purpose aspect languages for software-based fault tolerance. Our dependability analysis infrastructure will be optimized to yield results much faster with only very small compromises regarding result quality. This shall allow developers to integrate our assessment tools into the development cycle. A recurring topic throughout most work packages is the extension of our fault models. While single-bit flips in main memory and CPU registers were dominant in previous project phases, we now aim at incorporating recent research results on more realistic ISA- und sub-ISA fault models.

DFG Programme Priority Programmes

Subproject of SPP 1500:  Design and Architectures of Dependable Embedded Systems